This award is funded under the American Recovery and Reinvestment Act of 2009 (Public Law 111-5).
Though perhaps unfortunate, as a practical matter software is often built with functionality as a primary goal, and security features are only added later, often after vulnerabilities have been identified. To reduce the cost and increase assurance in the process of security retrofitting, the aim to develop a methodology involving automated and semi-automated tools and techniques to add authorization policy enforcement functionality to legacy software systems.
The main insight is that major portions of the tasks involved in retrofitting code can be or already have been automated, so the design process focuses on enabling further automation and aggregating these tasks into a single, coherent approach.
More specifically, techniques and tools are being developed to: (1) identify and label security-relevant objects and I/O channels by analyzing and instrumenting annotated application source code; (2) insert code to mediate access to labeled entities; (3) abstract the inserted checks into policy-relevant, security-sensitive operations that are authorized (or denied) by the application's security policy; (4) integrate the retrofitted legacy code with the site's specific policy at deployment time to ensure, through advanced policy analysis, that the application enforces that site's policy correctly, and (5) verify correct enforcement of OS policy delegation by the retrofitted application.
The techniques and tools being developed are useful not only for retrofitting, but also for augmenting and verifying existing code already outfitted with security functionality; hence improving the state-of-the-art in creating more secure software.
